| oSEC5 | Embedded Security for STM32-based devices |
|
Objectives
|
- Theoretical course
- PDF course material (in English).
- Course dispensed using the Teams video-conferencing system.
- The trainer answers trainees' questions during the training and provide technical and pedagogical assistance through the Teams video-conferencing system.
- Practical activities
- Practical activities represent from 40% to 50% of course duration.
- Code examples, exercises and solutions
- One Online Linux PC per trainee for the practical activities.
- The trainer has access to trainees' Online PCs for technical and pedagogical assistance.
- Eclipse environment and GCC compiler.
- QEMU Emulated board or physical board connected to the online PC (depending on the course).
- Some Labs may be completed between sessions and are checked by the trainer on the next session.
- Downloadable preconfigured virtual machine for post-course practical activities
- At the start of each session the trainer will interact with the trainees to ensure the course fits their expectations and correct if needed
- Familiarity with computer architecture
- Programming skills: Some programming experience, particularly in C
- Knowledge of STM32 Implementation and ARM implementations
- Basic understanding of Security Algorithms and Secure coding
- Total: 12 hours
- 2 sessions, 6 hours each
- From 40% to 50% of training time is devoted to practical activities
- Some Labs may be completed between sessions and are checked by the trainer on the next session
- Any embedded systems engineer or technician with the above prerequisites.
- The prerequisites indicated above are assessed before the training by the technical supervision of the traineein his company, or by the trainee himself in the exceptional case of an individual trainee.
- Trainee progress is assessed in two different ways, depending on the course:
- For courses lending themselves to practical exercises, the results of the exercises are checked by the trainer while, if necessary, helping trainees to carry them out by providing additional details.
- Quizzes are offered at the end of sections that do not include practical exercises to verifythat the trainees have assimilated the points presented
- At the end of the training, each trainee receives a certificate attesting that they have successfully completed the course.
- In the event of a problem, discovered during the course, due to a lack of prerequisites by the trainee a different or additional training is offered to them, generally to reinforce their prerequisites,in agreement with their company manager if applicable.
Course Outline
- Overview of embedded security and its importance
- STM32 Microcontroller overview and security features
- STM32 MCUs and capabilities
- Security features
- ARM TrustZone overview
- Threads and attack vectors specific to embedded systems
- Common attack vectors
- Malware and exploits
- Threat landscape for embedded systems
| Exercise: | Familiarizing with STM32 Security Tools | |
- Secure coding practices
- Code reviews and audits
- Input validation and sanitization
- Memory management and buffer overflows
- Static and dynamic code analysis tools
- Using static analysis tools
- Using dynamic analysis tools
- Secure development lifecycle for STM32-based devices
- Requirements gathering and threat modeling
- Design and implementation
- Testing and validation
- Deployment and maintenance
| Exercise: | Using static and dynamic analysis tools to find vulnerabilities in sample STM32 Code | |
- Secure boot on STM32 Devices
- Introduction to secure boot
- Secure boot implementation
- Secure boot verification and toubleshooting
- Firmware protection on STM32 devices
- Introduction to firmware protection
- Techniques for protecting firmware on STM32 Devices
- Implementation of firmware protection on STM32
- Haardware assisted security on STM32 devices
- Introduction to hardware assisted security
- STM32’s Cortex-M security features
- Implementation of hardware assisted security on STM32
| Exercise: | Implementing secure boot on STM32 devices | |
- Network Architecture for STM32-based Devices
- Overview of network communication protocols for embedded systems
- Secure communication protocols
- Designing a secure network architecture for STM32-based devices
- Transport Layer Security (TLS)
- Introduction to TLS and SSL
- Implementing TLS/SSL on STM32-based devices
- Secure communication using TLS/SSL on STM32
- WiFi security
- Overview of WiFi security mechanisms and standards
- Implementing secure WiFi communication on STM32
- Best practices
- BLE security
- Introduction to BLE
- Overview of BLE security Mechanisms and standards
- Implmeneting secure BLE Communications
- Best practices for securing BLE communication
- LoRaWAN security
- Introduction to LoRaWAN
- Overview of LoRaWAN security mechanisms and standards
- Implementing secure LoRaWAN communication on STM32-based devices
- Best practices
- Sigfox Security
- Overview of Sigfox
- Implementing secure Sigfox communication on STM32-based devices
- Best practices
- Introduction to IoT Security
- Unique security challenges faced by IoT devices
- Overview of the common attack vectors and threats faced by IoT devices
- IoT security best practices
- Securing IoT devices at the network layer
- IoT-specific network security protocols
- Access control and secure data transfer
- Overview of authentication and authorization mechanisms for IoT devices
- Discussion of secure data transfer protocols for IoT, such as MQTT and HTTPS
- The role of application-level encryption in securing IoT devices
- Implementing secure application communication
- Secure application communication between STM32 devices and the cloud or other systems
- implementing secure access control, such as using JSON Web Tokens (JWT) and OAuth
- Best practices
- Introduction to firmware update and management
- Importance of firmware updates in maintaining the security of embedded systems
- Overview of firmware update methods including manual and over-the-air (OTA) updates
- Secure firmware update processes
- OTA update mechanisms
- Overview of OTA update mechanisms
- Implementing OTA updates, including server-side and device-side
- Best practices for OTA updates, including testing and deployment
Duration
12 hours
Cost
2260 € HT
Calendar
To book a training session or for more information, please contact us on info@ac6-training.com.
Registrations are accepted till one week before the start date for scheduled classes. For late registrations, please consult us.
You can also fill and send us the
registration form
This course was designed specifically to be provided online, by one of our skilled trainers.
Scheduled classes are confirmed as soon as there is two confirmed bookings. Bookings are accepted until 2 working days before the course start.
A version tailored for face-to-face delivery is available under reference oSEC1 - Secure C/C++ Development for Embedded Systems
Last update of course schedule: 30 January 2023
Booking one of our trainings is subject to our
General Terms of Sales
|
|||||||||
